On 1.10.2014 18:15, Petr Vobornik wrote:
Hello list,

Patch for: https://fedorahosted.org/freeipa/ticket/4419


Web UI for 4419. Depends on patch 761 (parent thread).
--
Petr Vobornik
From 2b9cc4c0a2fa4dd1a8a28b9551a15218e5367819 Mon Sep 17 00:00:00 2001
From: Petr Vobornik <pvobo...@redhat.com>
Date: Thu, 2 Oct 2014 15:44:47 +0200
Subject: [PATCH] webui: management of keytab permissions

https://fedorahosted.org/freeipa/ticket/4419
---
 install/ui/src/freeipa/association.js | 12 +++--
 install/ui/src/freeipa/host.js        | 93 +++++++++++++++++++++++++++++++++++
 install/ui/src/freeipa/service.js     | 93 +++++++++++++++++++++++++++++++++++
 install/ui/test/data/ipa_init.json    |  9 ++++
 ipalib/plugins/internal.py            |  9 ++++
 5 files changed, 213 insertions(+), 3 deletions(-)

diff --git a/install/ui/src/freeipa/association.js b/install/ui/src/freeipa/association.js
index 64a2926d97856e3333b9a3dac27834bc4d78e8f5..03a358c60cc3632a6f000d47b2e29cabd07883c1 100644
--- a/install/ui/src/freeipa/association.js
+++ b/install/ui/src/freeipa/association.js
@@ -406,7 +406,7 @@ IPA.association_table_widget = function (spec) {
 
     spec = spec || {};
 
-    var index = spec.name.indexOf('_');
+    var index = spec.name.lastIndexOf('_');
     spec.attribute_member = spec.attribute_member || spec.name.substring(0, index);
     spec.other_entity = spec.other_entity || spec.name.substring(index+1);
 
@@ -589,7 +589,7 @@ IPA.association_table_widget = function (spec) {
         var i;
         var columns = that.columns.values;
         if (columns.length == 1) { // show pkey only
-            var name = columns[0].name;
+            var name = columns[0].param;
             for (i=0; i<that.values.length; i++) {
                 var record = {};
                 record[name] = that.values[i];
@@ -774,6 +774,12 @@ IPA.association_table_field = function (spec) {
 
     var that = IPA.field(spec);
 
+    that.load = function(data) {
+        that.values = that.adapter.load(data);
+        that.widget.update(that.values);
+        that.widget.unselect_all();
+    };
+
     that.refresh = function() {
 
         function on_success(data, text_status, xhr) {
@@ -821,7 +827,7 @@ exp.association_facet_pre_op = function(spec, context) {
     su.context_entity(spec, context);
     spec.entity = entity;
 
-    var index = spec.name.indexOf('_');
+    var index = spec.name.lastIndexOf('_');
     spec.attribute_member = spec.attribute_member ||
         spec.name.substring(0, index);
     spec.other_entity = spec.other_entity ||
diff --git a/install/ui/src/freeipa/host.js b/install/ui/src/freeipa/host.js
index 5b886b6394e73533d73f0d1a3d800922e4ef3e4d..8ce5c651256ea15f966732bfa70f004f3eb29eb0 100644
--- a/install/ui/src/freeipa/host.js
+++ b/install/ui/src/freeipa/host.js
@@ -205,6 +205,99 @@ return {
             ]
         },
         {
+            $pre_ops: [
+                { $del: [[ 'control_buttons', [
+                    { name: 'reset'},
+                    { name: 'update'}
+                ]]] }
+            ],
+            $type: 'details',
+            name: 'allowed_to',
+            facet_group: 'settings',
+            tab_label: '@i18n:keytab.permission_tab_label',
+            command_mode: 'info',
+            sections: [
+                {
+                    name: 'read',
+                    label: '@i18n:keytab.allowed_to_retrieve',
+                    $factory: IPA.section,
+                    fields: [
+                        {
+                            $type: 'association_table',
+                            id: 'host_ipaallowedtoperform_read_keys_user',
+                            name: 'ipaallowedtoperform_read_keys_user',
+                            add_method: 'add_retrieve_keytab',
+                            remove_method: 'remove_retrieve_keytab',
+                            add_title: '@i18n:keytab.add_retrive',
+                            remove_title: '@i18n:keytab.remove_retrieve',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_read_keys_user',
+                                    label: '@mo:user.label_singular',
+                                    link: true
+                                }
+                            ]
+                        },
+                        {
+                            $type: 'association_table',
+                            id: 'host_ipaallowedtoperform_read_keys_group',
+                            name: 'ipaallowedtoperform_read_keys_group',
+                            add_method: 'add_retrieve_keytab',
+                            remove_method: 'remove_retrieve_keytab',
+                            add_title: '@i18n:keytab.add_retrive',
+                            remove_title: '@i18n:keytab.remove_retrieve',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_read_keys_group',
+                                    label: '@mo:user.label_singular',
+                                    link: true
+                                }
+                            ]
+                        }
+                    ]
+                },
+                {
+                    name: 'write',
+                    label: '@i18n:keytab.allowed_to_create',
+                    $factory: IPA.section,
+                    fields: [
+                        {
+                            $type: 'association_table',
+                            id: 'host_ipaallowedtoperform_write_keys_user',
+                            name: 'ipaallowedtoperform_write_keys_user',
+                            add_method: 'add_create_keytab',
+                            remove_method: 'remove_create_keytab',
+                            add_title: '@i18n:keytab.add_create',
+                            remove_title: '@i18n:keytab.remove_create',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_write_keys_user',
+                                    label: '@mo:group.label_singular',
+                                    link: true
+                                }
+                            ]
+                        },
+                        {
+                            $type: 'association_table',
+                            id: 'host_ipaallowedtoperform_write_keys_group',
+                            name: 'ipaallowedtoperform_write_keys_group',
+                            add_method: 'add_create_keytab',
+                            remove_method: 'remove_create_keytab',
+                            add_title: '@i18n:keytab.add_create',
+                            remove_title: '@i18n:keytab.remove_create',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_write_keys_group',
+                                    label: '@mo:group.label_singular',
+                                    link: true
+                                }
+                            ]
+                        }
+                    ]
+                }
+            ]
+        },
+        {
             $type: 'association',
             name: 'managedby_host',
             add_method: 'add_managedby',
diff --git a/install/ui/src/freeipa/service.js b/install/ui/src/freeipa/service.js
index ee71e7af38df338aa2e1d50542f032a49602e59e..98c7c8dc09a3360d445768c1adbe16dd6482a439 100644
--- a/install/ui/src/freeipa/service.js
+++ b/install/ui/src/freeipa/service.js
@@ -168,6 +168,99 @@ return {
             name: 'managedby_host',
             add_method: 'add_host',
             remove_method: 'remove_host'
+        },
+        {
+            $pre_ops: [
+                { $del: [[ 'control_buttons', [
+                    { name: 'reset'},
+                    { name: 'update'}
+                ]]] }
+            ],
+            $type: 'details',
+            name: 'allowed_to',
+            facet_group: 'settings',
+            tab_label: '@i18n:keytab.permission_tab_label',
+            command_mode: 'info',
+            sections: [
+                {
+                    name: 'read',
+                    label: '@i18n:keytab.allowed_to_retrieve',
+                    $factory: IPA.section,
+                    fields: [
+                        {
+                            $type: 'association_table',
+                            id: 'service_ipaallowedtoperform_read_keys_user',
+                            name: 'ipaallowedtoperform_read_keys_user',
+                            add_method: 'add_retrieve_keytab',
+                            remove_method: 'remove_retrieve_keytab',
+                            add_title: '@i18n:keytab.add_retrive',
+                            remove_title: '@i18n:keytab.remove_retrieve',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_read_keys_user',
+                                    label: '@mo:user.label_singular',
+                                    link: true
+                                }
+                            ]
+                        },
+                        {
+                            $type: 'association_table',
+                            id: 'service_ipaallowedtoperform_read_keys_group',
+                            name: 'ipaallowedtoperform_read_keys_group',
+                            add_method: 'add_retrieve_keytab',
+                            remove_method: 'remove_retrieve_keytab',
+                            add_title: '@i18n:keytab.add_retrive',
+                            remove_title: '@i18n:keytab.remove_retrieve',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_read_keys_group',
+                                    label: '@mo:user.label_singular',
+                                    link: true
+                                }
+                            ]
+                        }
+                    ]
+                },
+                {
+                    name: 'write',
+                    label: '@i18n:keytab.allowed_to_create',
+                    $factory: IPA.section,
+                    fields: [
+                        {
+                            $type: 'association_table',
+                            id: 'service_ipaallowedtoperform_write_keys_user',
+                            name: 'ipaallowedtoperform_write_keys_user',
+                            add_method: 'add_create_keytab',
+                            remove_method: 'remove_create_keytab',
+                            add_title: '@i18n:keytab.add_create',
+                            remove_title: '@i18n:keytab.remove_create',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_write_keys_user',
+                                    label: '@mo:group.label_singular',
+                                    link: true
+                                }
+                            ]
+                        },
+                        {
+                            $type: 'association_table',
+                            id: 'service_ipaallowedtoperform_write_keys_group',
+                            name: 'ipaallowedtoperform_write_keys_group',
+                            add_method: 'add_create_keytab',
+                            remove_method: 'remove_create_keytab',
+                            add_title: '@i18n:keytab.add_create',
+                            remove_title: '@i18n:keytab.remove_create',
+                            columns: [
+                                {
+                                    name: 'ipaallowedtoperform_write_keys_group',
+                                    label: '@mo:group.label_singular',
+                                    link: true
+                                }
+                            ]
+                        }
+                    ]
+                }
+            ]
         }
     ],
     standard_association_facets: true,
diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json
index f40ff14dfb3ecae40e6921da29ce3e2916121268..67548b9f14327d6a4135e83c44177fc7fc28f5d7 100644
--- a/install/ui/test/data/ipa_init.json
+++ b/install/ui/test/data/ipa_init.json
@@ -143,6 +143,15 @@
                         "search": "Search"
                     },
                     "false": "False",
+                    "keytab": {
+                        "add_create": "Allow ${other_entity} to create keytab of ${primary_key}",
+                        "add_retrive": "Allow ${other_entity} to retrieve keytab of ${primary_key}",
+                        "allowed_to_create": "Allowed to create keytab",
+                        "allowed_to_retrieve": "Allowed to retrieve keytab",
+                        "permission_tab_label": "Keytab permissions",
+                        "remove_create": "Disallow ${other_entity} to create keytab of ${primary_key}",
+                        "remove_retrieve": "Disallow ${other_entity} to retrieve keytab of ${primary_key}"
+                    },
                     "krbauthzdata": {
                         "inherited": "Inherited from server configuration",
                         "mspac": "MS-PAC",
diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py
index 43805daa8d8765e5d0adfb41d89c26c41dd061c0..530c086363db79676a99645b56fdcdb85e239e36 100644
--- a/ipalib/plugins/internal.py
+++ b/ipalib/plugins/internal.py
@@ -285,6 +285,15 @@ class i18n_messages(Command):
             "search": _("Search"),
         },
         "false": _("False"),
+        "keytab": {
+            "add_create": _("Allow ${other_entity} to create keytab of ${primary_key}"),
+            "add_retrive": _("Allow ${other_entity} to retrieve keytab of ${primary_key}"),
+            "allowed_to_create": _("Allowed to create keytab"),
+            "allowed_to_retrieve": _("Allowed to retrieve keytab"),
+            "permission_tab_label": _("Keytab permissions"),
+            "remove_create": _("Disallow ${other_entity} to create keytab of ${primary_key}"),
+            "remove_retrieve": _("Disallow ${other_entity} to retrieve keytab of ${primary_key}"),
+        },
         "krbauthzdata": {
             "inherited": _("Inherited from server configuration"),
             "mspac": _("MS-PAC"),
-- 
1.9.3

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to